Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Security upgrade cypress-cucumber-preprocessor from 1.5.0 to 3.0.0 #32

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Security upgrade cypress-cucumber-preprocessor from 1.5.0 to 3.0.0 #32

wants to merge 1 commit into from

Conversation

bltb
Copy link
Owner

@bltb bltb commented May 23, 2024

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
high severity 768/1000
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5		 Uncontrolled resource consumption
SNYK-JS-BRACES-6838727		 Yes Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: cypress-cucumber-preprocessor The new version differs by 133 commits.
  • 7f4395b fix(release): manually release a major version
  • 581b3ef fix(deps) update files + lint
  • fc24329 chore(lint) improve eslint config + readme
  • f6261fc chore(deps) update deps
  • c7886fe fix(steps) forget to change steps.js
  • 8e6d885 fix(lint)
  • 97ce3c2 fix(steps) capitalize all methods
  • cb52404 fix(global) Remove then from global and put Then instead
  • cdcb64b rename(then) rename all then to Then
  • b8f06b9 fix(then) rename then to Then
  • 919bc4d fix(release): manually release a patch version
  • 0b7be83 chore(cypress): update to v3.8.1 for Node 10 and later compatibility
  • ad7f5f0 ci(circle): use Node.js v12 backed image
  • 049d272 chore(deps): update to @ cypress/browserify-preprocessor supporting function transforms
  • 349c189 docs: add instructions for 'out-of-the-box' TypeScript support
  • bc6dfb3 fix(featuresloader.js): pass spec as string to createTestsFromFeature fn
  • cbe8c6e fix(loader.js): pass spec as string to createTestsFromFeature fn
  • eb838d5 fix(docstring.feature): extend DocString.feature tests to cover failing scenario
  • fbbbc20 fix: define commonPath based on stepBase.
  • 47f360a fix: define commonPath based on nonGlobalStepBaseDir.
  • 8b92ed3 fix(nonGlobalStepDefinitions): .features files now work with webpack
  • 7d4a3d5 fix(types): getting the types up to date (#402)
  • 284d5f5 docs: Update README.md (#400)
  • ddf7f2b Merge pull request #391 from badeball/master

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Note: This is a default PR template raised by Snyk. Find out more about how you can customise Snyk PRs in our documentation.

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Uncontrolled resource consumption

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@bltb @snyk-bot